Filesystem Hierarchy Standard

Utilities used for system administration (and other root-only commands)
are stored in /sbin, /usr/sbin, and
/usr/local/sbin. /sbin contains binaries essential for
booting, restoring, recovering, and/or repairing the system in addition
to the binaries in /bin.[footnote 15]

The following files, or symbolic links to files, must be in /sbin if the corresponding
subsystem is installed:

fastboot

Reboot the system without checking the disks (optional)

fasthalt

Stop the system without checking the disks (optional)

fdisk

Partition table manipulator (optional)

fsck

File system check and repair utility (optional)

fsck.*

File system check and repair utility for a specific filesystem (optional)

getty

The getty program (optional)

halt

Command to stop the system (optional)

ifconfig

Configure a network interface (optional)

init

Initial process (optional)

mkfs

Command to build a filesystem (optional)

mkfs.*

Command to build a specific filesystem (optional)

mkswap

Command to set up a swap area (optional)

reboot

Command to reboot the system (optional)

route

IP routing table utility (optional)

swapon

Enable paging and swapping (optional)

swapoff

Disable paging and swapping (optional)

update

Daemon to periodically flush filesystem buffers (optional)

Table 3.14.3.2

[15]Originally, /sbin binaries were kept in /etc.
Programs executed after /usr is known to be mounted (when there
are no problems) are generally placed into /usr/sbin.
Locally-installed system administration programs should be placed into
/usr/local/sbin.[footnote 16]

[16]Deciding what things go into "sbin" directories is simple: if a
normal (not a system administrator) user will ever run it directly, then
it must be placed in one of the "bin" directories. Ordinary
users should not have to place any of the sbin directories in
their path.

For example, files such as chfn which users only
occasionally use must still be placed in /usr/bin.
ping, although it is absolutely necessary for root (network
recovery and diagnosis) is often used by users and must live in
/bin for that reason.

We recommend that users have read and execute permission for everything
in /sbin except, perhaps, certain setuid and setgid programs.
The division between /bin and /sbin was not created for
security reasons or to prevent users from seeing the operating system,
but to provide a good partition between binaries that everyone uses and
ones that are primarily used for administration tasks. There is no
inherent security advantage in making /sbin off-limits for
users.